United Airlines Senior Manager - Application Security in Chicago, Illinois
We have a wide variety of career opportunities around the world — come find yours.
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
Job overview and responsibilities
As a Senior Manager of Application Security, you will create and lead the application security team's strategy to drive a defensive approach to the United Application ecosystem of mobile and web applications that are critical for our daily operations and for customers.
A successful candidate understands principles of application design across various tech stacks and how security best practices apply. They should also be able to create secure application architecture standards and develop analytics for ongoing performance measurement and reporting to provide actionable insights. This role will be instrumental in deploying, operating, and scaling application security solutions for high profile initiatives.
You will help evaluate, implement, run, and troubleshoot application security tools that help developers produce more secure code. You will be spearheading application risk profile evaluations and providing risk mitigation/vulunerability management solutions for the application development teams. You’ll act as the security leader within a collaborative team, spearheading security feature enhancements and application design updates to enable more secure applications for United Airlines. We are looking for someone who is passionate about the latest technologies and keeps a close eye on cyber security trends that impact our applications risk profile. The ideal candidate will play a foundational role in a new team, is self-motivated, and has impecable communication skills.
Provide technical security architecture/engineering support
Establish security controls to protect applications across a large and complex environment
Provide strategic vision and strategy that is aligned to organization and team priorities
Lead vulnerability scanning/ management and dev sec ops automation
Coordinate, measure and report on the technical aspects of security technology management.
BS/BA, preferably in a technical or scientific field or equivalent experience, education or training
A minimum of seven years of IT management experience, with five years in an information security role
In-depth knowledge and understanding of information security concepts and principles as a means of relating business needs to security technologies.
Good understanding of application security frameworks, standards, and best practices from OWASP, WASC, SANS. and other information security standards.
Demonstrable experience with object oriented programming languages. In depth experience with at least two of the following development languages: .Net, C#, Angular, React/Redux, Java, PHP, Objective-C, SQL, REST, SAML, Python, Swift, Kotlin
Familiarity with how APIs work and how to interact with them.
Experience with at least one code security review tool: Qualys, Veracode, Checkmarx, WhiteHat Sentinel, Tenable, Burp, etc.
Understanding and awareness of documentation required in a secure software development lifecycle
Ability to deliver ahead of or on milestones for project timelines
Strong leadership skills and the ability to work effectively with product managers and developers
The ability to build strong relationships at all levels and across all business units and organizations, and understand business and security goals
Experience delivering, implementing and administering complex technical security solutions
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualification
Reliable, punctual attendance is an essential function of the position
CISSP, SANS and/or relevant SANS certifications or strong demonstrated application of software security in code written by individual
Experience working with cross-functional agile development teams
Experience working with Fiddler and Postman to create requests
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT
Division: 47 Technology/IT
Function: Information Technology
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled